Various electronic devices, such as mobile telecommunication terminals, portable computers and PDAs require access to security related components such as application programs, cryptographical keys, cryptographical key data material, intermediate cryptographical calculation results, passwords, authentication of externally downloaded data etc. It is often necessary that these components, and the processing of them, is kept secret within the electronic device. Ideally, they shall be known by as few people as possible. This is due to the fact that a device, for example a mobile terminal, could possibly be tampered with if these components are known. Access to these types of components might aid an attacker with the malicious intent to manipulate a terminal.
Further, in the devices, these above mentioned security related components will be handled, processed and managed alongside more general components which do not require any secure processing. Therefore, a secure execution environment is introduced in which environment a processor within the electronic device is able to access the security related components. Access to the secure execution environment, processing in it and exit from it should be carefully controlled. Prior art hardware comprising this secure environment is often enclosed within a tamper resistant packaging. It should not be possible to probe or perform measurements and tests on this type of hardware which could result in the revealing of security related components and the processing of them.
An electronic device processing information in a secure environment and storing security related information in a secure manner is shown in U.S. Pat. No. 5,892,900. The patent discloses a virtual distribution environment securing, administering and controlling electronic information use. It comprises a rights protection solution for distributors, financial service providers, end-users and others. The invention uses electronic devices called Secure Processing Units to provide security and secure information storage and communication. Such a device, including a processor, is enclosed within a “tamper resistant security barrier”, separating the secure environment from the outer world. The electronic device provides both the secure environment and an unsecure environment, in which latter case the processor of the device has no access to the security related information.
A problem that has to be solved is to enable for a third party to perform testing, debugging and servicing of the electronic device and its software without risking that the third party is given access to information which makes it possible to manipulate the security related components of the device so as to affect the security functions when in the secure environment. It should be possible to move between the two environments smoothly, without having to initialize one or the other every time a movement is effected.